Enhance the page security
parent
4d409e23f5
commit
c0e0300eb3
@ -118,9 +118,10 @@ if (empty($reshook)) {
|
||||
|
||||
$form = new Form($db);
|
||||
|
||||
$help_url = '';
|
||||
$title = $langs->trans('ChartOfIndividualAccountsOfSubsidiaryLedger');
|
||||
|
||||
llxHeader('', $title);
|
||||
llxHeader('', $title, $help_url);
|
||||
|
||||
// Customer
|
||||
$sql = "SELECT sa.rowid, sa.nom as label, sa.code_compta as subaccount, '1' as type, sa.entity";
|
||||
@ -314,7 +315,7 @@ if ($resql) {
|
||||
|
||||
print_barre_liste($title, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, '', $num, $nbtotalofrecords, 'title_accountancy', 0, '', '', $limit, 0, 0, 1);
|
||||
|
||||
print '<div class="warning">'.$langs->trans("WarningCreateSubAccounts").'</div>';
|
||||
print '<div class="info">'.$langs->trans("WarningCreateSubAccounts").'</div>';
|
||||
|
||||
$varpage = empty($contextpage) ? $_SERVER["PHP_SELF"] : $contextpage;
|
||||
$selectedfields = $form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage); // This also change content of $arrayfields
|
||||
|
||||
@ -309,8 +309,9 @@ function getResultColumn($name, array $activated, array $loaded, array $function
|
||||
}
|
||||
if (strtolower($name) == 'xdebug') {
|
||||
$html .= ' '.$langs->trans("ModuleActivated", "xdebug");
|
||||
$html .= ' - '.$langs->trans("ModuleActivatedMayExposeInformation");
|
||||
} else {
|
||||
$html .= ' '.$langs->trans("PHPSupport", $name);
|
||||
$html .= ' <span class="opacitymedium">'.$langs->trans("PHPSupport", $name).'</span>';
|
||||
}
|
||||
} else {
|
||||
if (strtolower($name) == 'xdebug') {
|
||||
|
||||
@ -76,7 +76,7 @@ if ($test) {
|
||||
print '<br>';
|
||||
|
||||
print '<br>';
|
||||
print load_fiche_titre($langs->trans("ConfigurationFile"), '', 'folder');
|
||||
print load_fiche_titre($langs->trans("ConfigurationFile").' ('.$conffile.')', '', 'folder');
|
||||
|
||||
print '<strong>'.$langs->trans("dolibarr_main_prod").'</strong>: '.$dolibarr_main_prod;
|
||||
if (empty($dolibarr_main_prod)) {
|
||||
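Review bot: The version of the title line that includes `$conffile` concatenates it into the heading passed to `load_fiche_titre()` without HTML-escaping, and it puts the location of the configuration file on screen. The value is set on the server side, so the injection risk looks low, but escaping keeps the output well-formed if the path ever contains markup characters: `print load_fiche_titre($langs->trans("ConfigurationFile").' ('.dol_escape_htmltag($conffile).')', '', 'folder');`. The access check guarding this page is outside the hunk, so whether displaying the path is acceptable depends on who can reach it.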
@ -98,7 +98,7 @@ print '<br>';
|
||||
|
||||
print '<br>';
|
||||
print '<br>';
|
||||
print load_fiche_titre($langs->trans("Permissions"), '', 'folder');
|
||||
print load_fiche_titre($langs->trans("PermissionsOnFiles"), '', 'folder');
|
||||
|
||||
print '<strong>'.$langs->trans("PermissionsOnFilesInWebRoot").'</strong>: ';
|
||||
// TODO Check permission are read only except for custom dir
|
||||
@ -151,9 +151,18 @@ print load_fiche_titre($langs->trans("Menu").' '.$langs->trans("SecuritySetup"),
|
||||
|
||||
//print '<strong>'.$langs->trans("PasswordEncryption").'</strong>: ';
|
||||
print '<strong>MAIN_SECURITY_HASH_ALGO</strong> = '.(empty($conf->global->MAIN_SECURITY_HASH_ALGO) ? $langs->trans("Undefined") : '')." ";
|
||||
print '<span class="opacitymedium"> If unset: \'md5\'</span> ';
|
||||
print '<span class="opacitymedium"> - Recommanded value: \'password_hash\'</span><br>';
|
||||
print '<strong>MAIN_SECURITY_SALT</strong> = '.(empty($conf->global->MAIN_SECURITY_SALT) ? $langs->trans("Undefined") : '').'<br>';
|
||||
print '<span class="opacitymedium"> If unset: \'md5\'</span><br>';
|
||||
if ($conf->global->MAIN_SECURITY_HASH_ALGO != 'password_hash') {
|
||||
print '<strong>MAIN_SECURITY_SALT</strong> = '.(empty($conf->global->MAIN_SECURITY_SALT) ? $langs->trans("Undefined") : $conf->global->MAIN_SECURITY_SALT).'<br>';
|
||||
}
|
||||
if ($conf->global->MAIN_SECURITY_HASH_ALGO != 'password_hash') {
|
||||
print '<span class="opacitymedium">The recommanded value for MAIN_SECURITY_HASH_ALGO is now \'password_hash\' but setting it now will make ALL existing passwords of all users not valid, so update is not possible.<br>';
|
||||
print 'If you really want to switch, you must:<br>';
|
||||
print '- Go on home - setup - other and add constant MAIN_SECURITY_HASH_ALGO to value \'password_hash\'<br>';
|
||||
print '- In same session, WITHOUT LOGGING OUT, go into your admin user record and set a new password<br>';
|
||||
print '- You can now logout and login with this new password. You must now reset password of all other users.<br>';
|
||||
print '</span><br>';
|
||||
}
|
||||
print '<br>';
|
||||
// TODO
|
||||
|
||||
|
||||
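Review bot: The `MAIN_SECURITY_SALT` line inside the `!= 'password_hash'` block prints the configured salt itself, unescaped, whereas the other `MAIN_SECURITY_SALT` line in this hunk printed an empty string when the value was set. A password-hashing salt should not be rendered into an HTML page, where it ends up in browser caches, screenshots and support tickets; for this audit view it is enough to show whether it is defined, e.g. `: '*****'` in place of `: $conf->global->MAIN_SECURITY_SALT`. The `MAIN_SECURITY_HASH_ALGO` line has the opposite gap: when the constant is set, the ternary prints `''`, so the admin never sees which algorithm is active. The two consecutive `if ($conf->global->MAIN_SECURITY_HASH_ALGO != 'password_hash')` blocks can be merged into one, reading the property through `empty()` first so an install without the constant does not raise an undefined-property notice. The hard-coded English text (including "recommanded") would be better routed through `$langs->trans()`.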
@ -37,15 +37,18 @@ llxHeader();
|
||||
|
||||
print load_fiche_titre("XDebug", '', 'title_setup');
|
||||
|
||||
print "<br>\n";
|
||||
|
||||
|
||||
if (!function_exists('xdebug_is_enabled')) {
|
||||
print "<br>\n";
|
||||
print 'XDebug seems to be not installed. Function xdebug_is_enabled not found.';
|
||||
llxFooter();
|
||||
exit;
|
||||
}
|
||||
|
||||
print '<span class="opacitymedium">';
|
||||
print $langs->trans("ModuleActivatedMayExposeInformation", $langs->transnoentities("XDebug"));
|
||||
print '</span>';
|
||||
|
||||
print '<br><br>';
|
||||
|
||||
if (function_exists('socket_create')) {
|
||||
$address = ini_get('xdebug.remote_host') ?ini_get('xdebug.remote_host') : '127.0.0.1';
|
||||
|
||||
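Review bot: The exposure warning printed through `ModuleActivatedMayExposeInformation` sits after the `if (!function_exists('xdebug_is_enabled'))` block that calls `llxFooter()` and `exit`, so it is shown only when that function exists. Xdebug 3 removed `xdebug_is_enabled()`, so on such installs the page would report that XDebug is not installed and never warn, even though the extension is loaded; gating the warning on `extension_loaded('xdebug')` avoids that false negative. The second argument `$langs->transnoentities("XDebug")` has no effect as long as the translated string carries no `%s`, which is the case for the English text changed in this commit.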
@ -37,6 +37,7 @@ UnlockNewSessions=Remove connection lock
|
||||
YourSession=Your session
|
||||
Sessions=Users Sessions
|
||||
WebUserGroup=Web server user/group
|
||||
PermissionsOnFiles=Permissions on files
|
||||
PermissionsOnFilesInWebRoot=Permissions on files in web root directory
|
||||
PermissionsOnFile=Permissions on file %s
|
||||
NoSessionFound=Your PHP configuration seems to not allow listing of active sessions. The directory used to save sessions (<b>%s</b>) may be protected (for example by OS permissions or by PHP directive open_basedir).
|
||||
@ -62,6 +63,7 @@ IfModuleEnabled=Note: yes is effective only if module <b>%s</b> is enabled
|
||||
RemoveLock=Remove/rename file <b>%s</b> if it exists, to allow usage of the Update/Install tool.
|
||||
RestoreLock=Restore file <b>%s</b>, with read permission only, to disable any further use of the Update/Install tool.
|
||||
SecuritySetup=Security setup
|
||||
PHPSetup=PHP setup
|
||||
SecurityFilesDesc=Define here options related to security about uploading files.
|
||||
ErrorModuleRequirePHPVersion=Error, this module requires PHP version %s or higher
|
||||
ErrorModuleRequireDolibarrVersion=Error, this module requires Dolibarr version %s or higher
|
||||
@ -2098,7 +2100,7 @@ SwitchThisForABetterSecurity=Switching this value to %s is recommended for more
|
||||
DictionaryProductNature= Nature of product
|
||||
CountryIfSpecificToOneCountry=Country (if specific to a given country)
|
||||
YouMayFindSecurityAdviceHere=You may find security advisory here
|
||||
ModuleActivatedMayExposeInformation=This module may expose sensitive data. If you don't need it, disable it.
|
||||
ModuleActivatedMayExposeInformation=This PHP extension may expose sensitive data. If you don't need it, disable it.
|
||||
ModuleActivatedDoNotUseInProduction=A module designed for the development has been enabled. Do not enable it on a production environment.
|
||||
CombinationsSeparator=Separator character for product combinations
|
||||
SeeLinkToOnlineDocumentation=See link to online documention on top menu for examples
|
||||
|
||||